First published: Thu Aug 06 2009(Updated: )
Stack-based buffer overflow in Image RAW in Apple Mac OS X 10.5 before 10.5.8, and 10.4 before Digital Camera RAW Compatibility Update 2.6, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted Canon RAW image.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Apple macOS Server | =10.5.2 | |
Apple iOS and macOS | =10.5.6 | |
Apple iOS and macOS | =10.5.5 | |
Apple macOS Server | =10.5.5 | |
Apple iOS and macOS | =10.5.1 | |
Apple macOS Server | =10.5.1 | |
Apple macOS Server | =10.5.6 | |
Apple iOS and macOS | =10.5.3 | |
Apple iOS and macOS | =10.5.0 | |
Apple macOS Server | =10.5.0 | |
Apple macOS Server | =10.5.3 | |
Apple iOS and macOS | =10.5 | |
Apple macOS Server | =10.5.4 | |
Apple iOS and macOS | =10.5.2 | |
Apple macOS Server | =10.5.7 | |
Apple iOS and macOS | =10.5.6 | |
Apple iOS and macOS | =10.5.7 | |
Apple macOS Server | =10.5 | |
Apple iOS and macOS | =10.5.4 | |
Apple iOS and macOS | =10.4.3 | |
Apple macOS Server | =10.4.3 | |
Apple macOS Server | =10.4.10 | |
Apple macOS Server | =10.4.9 | |
Apple macOS Server | =10.4.11 | |
Apple iOS and macOS | =10.4.1 | |
Apple macOS Server | =10.4.2 | |
Apple macOS Server | =10.4.4 | |
Apple iOS and macOS | =10.4.10 | |
Apple macOS Server | =10.4.1 | |
Apple macOS Server | =10.4.0 | |
Apple iOS and macOS | =10.4.7 | |
Apple iOS and macOS | =10.4.4 | |
Apple iOS and macOS | =10.4.0 | |
Apple macOS Server | =10.4 | |
Apple macOS Server | =10.4.5 | |
Apple iOS and macOS | =10.4 | |
Apple macOS Server | =10.4.6 | |
Apple macOS Server | =10.4.8 | |
Apple iOS and macOS | =10.4.6 | |
Apple iOS and macOS | =10.4.5 | |
Apple iOS and macOS | =10.4.11 | |
Apple iOS and macOS | =10.4.8 | |
Apple macOS Server | =10.4.7 | |
Apple iOS and macOS | =10.4.2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2009-1728 is classified as a critical severity vulnerability due to its potential for remote code execution.
To mitigate CVE-2009-1728, users should update their Apple Mac OS X to version 10.5.8 or later, or apply the appropriate digital camera RAW compatibility update.
CVE-2009-1728 allows remote attackers to execute arbitrary code or crash the application by exploiting a stack-based buffer overflow in Image RAW.
CVE-2009-1728 affects Apple Mac OS X versions 10.4 and 10.5, specifically prior to Digital Camera RAW Compatibility Update 2.6 and before 10.5.8.
Users running vulnerable versions of Apple Mac OS X are at risk of exploitation through maliciously crafted Canon RAW images.